Bug 509096

Summary: segfault in TopicExchange::isBound()
Product: Red Hat Enterprise MRG Reporter: Gordon Sim <gsim>
Component: qpid-cppAssignee: Gordon Sim <gsim>
Status: CLOSED ERRATA QA Contact: Frantisek Reznicek <freznice>
Severity: high Docs Contact:
Priority: high    
Version: 1.0CC: esammons, freznice
Target Milestone: 1.1.6   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-07-14 17:32:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Reproducer
none
Fix none

Description Gordon Sim 2009-07-01 10:43:18 UTC 
Created attachment 350081 [details]
Reproducer

Description of problem:

Due to lack of appropriate locking in TopicExchange::isBound() invocation of this method concurrent with modifications to the set of bindings managed by the topic is unsafe and causes segfaults.

See: https://issues.apache.org/jira/browse/QPID-1963

Version-Release number of selected component (if applicable):

From 1.0

How reproducible:

Easily

Steps to Reproduce:
1. run attached test case against a broker

Actual results:

Broker crashes (usually within 10 minutes)

Expected results:

No crashes.

Additional info:
Comment 1 Gordon Sim 2009-07-01 13:32:07 UTC 
Created attachment 350108 [details]
Fix
Comment 2 Gordon Sim 2009-07-01 13:49:10 UTC 
Fixed on trunk as r790164.
Comment 3 Gordon Sim 2009-07-03 07:45:29 UTC 
Fixed in qpidd-0.5.752581-22.
Comment 4 Frantisek Reznicek 2009-07-03 08:20:31 UTC 
The issue has been fixed, validated on RHEL 4.7 / 5.3 i386 / x86_64 on packages:
[root@mrg-qe-02 bz509096]# rpm -qa | grep -E '(qpid|openais|rhm)' | sort -u
openais-0.80.3-22.el5_3.8
openais-debuginfo-0.80.3-22.el5_3.8
python-qpid-0.5.752581-3.el5
qpidc-0.5.752581-22.el5
qpidc-debuginfo-0.5.752581-22.el5
qpidc-devel-0.5.752581-22.el5
qpidc-rdma-0.5.752581-22.el5
qpidc-ssl-0.5.752581-22.el5
qpidd-0.5.752581-22.el5
qpidd-acl-0.5.752581-22.el5
qpidd-cluster-0.5.752581-22.el5
qpidd-devel-0.5.752581-22.el5
qpid-dotnet-0.4.738274-2.el5
qpidd-rdma-0.5.752581-22.el5
qpidd-ssl-0.5.752581-22.el5
qpidd-xml-0.5.752581-22.el5
qpid-java-client-0.5.751061-7.el5
qpid-java-common-0.5.751061-7.el5
rhm-0.5.3206-5.el5
rhm-docs-0.5.756148-1.el5

->VERIFIED
Comment 6 errata-xmlrpc 2009-07-14 17:32:18 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1153.html